Splunk Lantern

Network infrastructure data

 

Network infrastructure data refers to the information generated, captured, and processed by the various components that make up a network's physical and logical architecture. This includes data from devices such as routers, switches, firewalls, servers, access points, and other networking hardware, as well as software-defined infrastructure like virtualized resources and cloud-based networks. 

Network infrastructure data is used to monitor, manage, and optimize the performance, availability, security, and configuration of the network. It provides insights into how devices communicate, how resources are allocated, and how traffic flows through the network. It can also help you maintain regulatory standards by generating audit logs.

Network infrastructure data typically includes:

  • Device configuration data: Data about the settings and configurations of network devices
  • Traffic flow data: Data about the flow of packets through the network
  • Network topology data: Information about the physical and logical structure of the network
  • Performance metrics: Data about the health and efficiency of the network and its components
  • Security data: Information about security events, policies, and rule enforcement
  • Access point and wireless data: Data about wireless network activity and devices
  • Network device logs: Logs generated by routers, switches, firewalls, and other devices
  • Quality of service (QoS) data: Data about traffic prioritization and bandwidth allocation
  • Virtualized and cloud network data: Data from software-defined networking (SDN), virtualized infrastructure, or cloud resources
  • Bandwidth utilization and capacity planning data: Data about how network resources are used and planning for future needs
  • Troubleshooting data: Data used for diagnosing and resolving network issues
  • User access data: Data about users and devices accessing the network
  • Incident and event data: Data about significant events or incidents in the network
  • Compliance and audit data: Data used to maintain regulatory compliance and generate audit trails

Network infrastructure data is stored in databases or logs and analyzed using tools such as Splunk Enterprise Security, network monitoring software, or custom dashboards. Sensitive configuration and traffic data must be encrypted and access-controlled to prevent leaks or misuse.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: